Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2009:1513 - Security Advisory
Issued:
2009-10-15
Updated:
2009-10-15

RHSA-2009:1513 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: cups security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated cups packages that fix two security issues are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS "pdftops" filter converts Portable
Document Format (PDF) files to PostScript.

Two integer overflow flaws were found in the CUPS "pdftops" filter. An
attacker could create a malicious PDF file that would cause "pdftops" to
crash or, potentially, execute arbitrary code as the "lp" user if the file
was printed. (CVE-2009-3608, CVE-2009-3609)

Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608
issue.

Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 526637 - CVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)
  • BZ - 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow

CVEs

  • CVE-2009-3609
  • CVE-2009-3608

References

  • http://www.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
ia64
cups-1.3.7-11.el5_4.3.ia64.rpm SHA-256: efd0b3b1affc02213b801e67aeea881de83809d44da3759db977626f462a95e8
cups-devel-1.3.7-11.el5_4.3.ia64.rpm SHA-256: 234119cd9c931a314c5ad46f5037574ad0e804498e651fe96c386839a87c2b38
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.ia64.rpm SHA-256: d85fab3cfaadd23600084640ab04b2ca6c3b900635fa31167b187c3fda13c328
cups-lpd-1.3.7-11.el5_4.3.ia64.rpm SHA-256: 3ea565c2c789065cc368000b2fd8d6f354c1fecf960756921748ae61fe5a6f94
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux Desktop 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
s390x
cups-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 52c86ac0e3d66c1b302b63b50c27c5bf587b167c7edb3e6a0a424a3046b0429b
cups-devel-1.3.7-11.el5_4.3.s390.rpm SHA-256: 25e05efc7e135ed4971eaa1047990292709b6e9330bf3ef1a818d30bc0b1e687
cups-devel-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 80ddd6a43840a07a4d4601fa676ba2ae63a2a7dfa85edd33ed405171a2857a6c
cups-libs-1.3.7-11.el5_4.3.s390.rpm SHA-256: 360e268fbbe949c1ccbeb2bd353c1bf1babd4fdcf891d2b17fb1831662e201c7
cups-libs-1.3.7-11.el5_4.3.s390x.rpm SHA-256: ae9c6d59d1b894202a8eb2f99d35d6892a75d15bf237ba18c31dd559b63b1332
cups-lpd-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 7e137dc82d4b626f38eafba27a64b05f7121d4bf71768427bec1731a62ddb75a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
ppc
cups-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 4d51f531e0ae22e024afde24de1b6df2f40eccf1ab03e245ace1632c70c184db
cups-devel-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 7ebb3b6126cbfd5d624fac8e120c2aca3b0549b3ebacce8953e58b4fb4669cea
cups-devel-1.3.7-11.el5_4.3.ppc64.rpm SHA-256: b560b6bbc2615a6b6246869065ca499c79d5f50b1835f00e3d1eee1c28ef1071
cups-libs-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 682d0508b138316897c8586f20af43be5154d2cf1d34d2ce115abf35f9f844a5
cups-libs-1.3.7-11.el5_4.3.ppc64.rpm SHA-256: bd2c155beceb5bfab644dc6cde87252af9dac9a16f0079ec08974fe2ba9ab4f2
cups-lpd-1.3.7-11.el5_4.3.ppc.rpm SHA-256: dcabef1f0637546f6b3cbd41d82d6592392495fae8f84ef200b01fbbbdda4545

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter